A new service allows users to sell old phones and tablets but, as LIRON SEGEV reports, deleting information before selling a device does not wipe your slate clean
Every phone and tablet has an option under Settings that allows you to Reset Phone to Factory Defaults. When activating this option the phone warns you that it will delete all your information, pics, music, e-mail, apps and everything else that you have loaded on the device. Essentially the phone is reset to the point where it came out of the factory and ready to be setup for the first time.
But is this good enough ? Is your information really deleted?
The shocking answer is: NO.
What happens when you delete ?
When we create a file, such as when we snap a new pic or create a new document, the operating system creates the file by storing it in bits and pieces in blocks on the device’s storage – be it internal phone storage or SD Card. It look similar to this:
In order to find which blocks make up the file, the operating system creates an index which identifies the bits that make up the complete file.
When you delete a file, the operating system removes not the content inside the blocks, but removes the reference to those blocks from the Index. However all the bits in the blocks still remain on the hard drive and are marked as “free” so that new files can overwrite those bits. It’s the equivalent of removing the chapter name from the Index of the book, but still leaving the contents of the chapter inside the book – if you page through, you will find that chapter even without the index.
And this is where the problem arrises.
There are applications that allow techies to skip over the index and view the bits inside those blocks so they can recover any file whose blocks haven’t been overwritten by new files.
Does Factory Reset leaves content behind?
This is confirmed by the team at security firm Avast, who purchased 20 phones on eBay and ran their software though them that have been reset to Factory Defaults. They discovered over 40,000 photos (yes, including those sexting pics), 750 e-mails, 250 contacts with names and addresses and various personal files.
Stefan Tanase, Senior Security Researcher, Global Research & Analysis Team, Eastern Europe, Middle East and Africa, Kaspersky Lab confirms this too:
“A staggering amount of personal data is usually left on devices after a factory reset is performed. Most often these devices end up being sold on eBay(-like) websites, and might end up in the hands of someone with bad intentions, who can recover the data. Users don’t realise that they leave behind e-mails or SMS messages, contact information or even personal pictures and videos shot with the phone camera. Essentially, all data stored on the device is recoverable to some extent”
How do you do you ensure that your data is actually deleted ?
Simply doing a factory reset clearly is not the answer. If you want to ensure that none of your sensitive pics or information land up all over the Internet, you should Encrypt your device before doing Factory Reset
This sounds very “James-Bondy” but it s a simple step that you need to do with the tool included with your phone. When you run the encryption tool, it protects your files from prying eyes which goes a long way to stop anyone with $50 software from getting a hold of your family pics.
Each phone manufacturer has their own way of dealing with encryption:
Obviously before engaging in this, make sure you read and understand what is involved and back up your phone (do not lose the PIN either.)
- Android – http://www.networkworld.com/article/2689371/opensource-subnet/how-to-encrypt-an-android-device-in-5-steps.html
- iOS 8 (already comes encrypted) – https://www.apple.com/privacy/privacy-built-in/
- BlackBerry devices: http://docs.blackberry.com/en/smartphone_users/deliverables/47561/als1342444399047.jsp
If your device doesn’t have encryption built into the settings, then you can download several applications from the App Stores that allow you to do that.
The obvious solution would be for the mobile phone manufacturers to have encryption built into their Factory Reset process, however as Stefan Tanase points out that the mobile phone manufacturers chose not to do this because of:
1. Lack of security awareness – both users and manufacturers generally don’t realise the importance of securely erasing data.
2. Speed – erasing a storage device securely takes more time, and the reality is that most users would rather have their device quickly perform the factory reset.
The more we trust our mobile phones with out lives, the more we should be weary of just how vulnerable these devices are. We need to be more aware of the digital fingerprints we are leaving behind.
* Image courtesy of shutterstock.com
* Follow Gadget on Twitter on @GadgetZA
Opera launches built-in VPN on Android browser
Opera has released a new version of its mobile browser, which features a built-in virtual private network service.
Opera has released a new version of its mobile browser, Opera for Android 51, which features a built-in VPN (virtual private network) service.
A VPN allows users to create a secure connection to a public network, and is particularly useful if users are unsure of the security levels of the public networks that they use often.
The new VPN in Opera for Android 51 is free, unlimited and easy to use. When enabled, it gives users greater control of their online privacy and improves online security, especially when connecting to public Wi-Fi hotspots such as coffee shops, airports and hotels. The VPN will encrypt Internet traffic into and out of their mobile devices, which reduces the risk of malicious third parties collecting sensitive information.
“There are already more than 650 million people using VPN services globally. With Opera, any Android user can now enjoy a free and no-log service that enhances online privacy and improves security,” said Peter Wallman, SVP Opera Browser for Android.
When users enable the VPN included in Opera for Android 51, they create a private and encrypted connection between their mobile device and a remote VPN server, using strong 256-bit encryption algorithms. When enabled, the VPN hides the user’s physical location, making it difficult to track their activities on the internet.
The browser VPN service is also a no-log service, which means that the VPN servers do not log and retain any activity data, all to protect users privacy.
“Users are exposed to so many security risks when they connect to public Wi-Fi hotspots without a VPN,” said Wallman. “Enabling Opera VPN means that users makes it difficult for third parties to steal information, and users can avoid being tracked. Users no longer need to question if or how they can protect their personal information in these situations.”
According to a report by the Global World Index in 2018, the use of VPNs on mobile devices is rising. More than 42 percent of VPN users on mobile devices use VPN on a daily basis, and 35 percent of VPN users on computers use VPN daily.
The report also shows that South African VPN users said that their main reason for using a VPN service is to remain anonymous while they are online.
“Young people in particular are concerned about their online privacy as they increasingly live their lives online,” said Wallman. “Opera for Android 51 makes it easy to benefit from the security and anonymity of VPN , especially for those may not be aware of how to set these up.”
Setting up the Opera VPN is simple. Users just tap on the browser settings, go to VPN and enable the feature according to their preference. They can also select the region of their choice.
The built-in VPN is free, which means that users don’t need to download additional apps on their smartphones or pay additional fees as they would for other private VPN services. With no sign-in process, users don’t need to log in every time they want to use it.
Opera for Android is available for download in Google Play. The rollout of the new version of Opera for Android 51 will be done gradually per region.
Future of the car is here
Three new cars, with vastly different price-tags, reveal the arrival of the future of wheels, writes ARTHUR GOLDSTUCK
Just a few months ago, it was easy to argue that the car of the future was still a long way off, at least in South Africa. But a series of recent car launches have brought the high-tech vehicle to the fore in startling ways.
The Jaguar i-Pace electric vehicle (EV), BMW 330i and the Datsun Go have little in common, aside from representing an almost complete spectrum of car prices on the local market. Their tags start, respectively, at R1.7-million, R650 000 and R150 000.
Such a widely disparate trio of vehicles do not exactly come together to point to the future. Rather, they represent different futures for different segments of the market. But they also reveal what we can expect to become standard in most vehicles produced in the 2020s.
The i-Pace may be out of reach of most South Africans, but it ushers in two advances that will resonate throughout the EV market as it welcomes new and more affordable cars. It is the first electric vehicle in South Africa to beat the bugbear of range anxiety.
Unlike the pioneering “old” Nissan Leaf, which had a range of up to about 150km, and did not lend itself to long distance travel, the i-Pace has a 470km range, bringing it within shouting distance of fuel-powered vehicles. A trip from Johannesburg to Durban, for example, would need just one recharge along the way.
And that brings in the other major advance: the i-Pace is the first EV launched in South Africa together with a rapid public charging network on major routes. It also comes with a home charging kit, which means the end of filling up at petrol stations.
The Jaguar i-Pace dispels one further myth about EVs: that they don’t have much power under the hood. A test drive around Gauteng revealed not only a gutsy engine, but acceleration on a par with anything in its class, and enough horsepower to enhance the safety of almost any overtaking situation.
Specs for the Jaguar i-Pace include:
- All-wheel drive
- Twin motors with a combined 294kW and 696Nm
- 0-100km/h in 4.8s
- 90kWh Lithium-ion battery, delivering up to 470km range
- Eight-year/160 000km battery warranty
- Two-year/34 000km service intervals
Click here to read about BMW’s self-driving technology, and how Datsun makes smart technology affordable.